Tuesday, 1 April 2008

Server Encryption key

When you set up development and testing environments with Sun Identity Manager, you will run into problems with Server Encryption Keys when you try to import encrypted objects from one server instance into another.

Server encryption keys are symmetric, triple-DES 168-bit keys. A server can have more than one key. Every encrypted object is prefixed by the ID of the server encryption key that was used to encrypt it, so Identity Manager knows which Server Encryption Key to use when decrypting.

For the testing and development environments it's useful to have the same encryption keys, so you can exchange your encrypted objects without much effort. You can use the Manage Encryption Key feature to create new encryption keys, export them, and re-encrypt the objects with the current encryption key. This feature doesn't allow you to set the current encryption key to a specific imported encryption key, so it can't help us get the same key on both the test and development installations.

For this problem we had to make a custom workflow that invoked a custom Java class. The Java class just gets and sets the current Server Encryption Key. The workflow displays the current key and a drop-down box to pick your new Current Server Encryption Key. Once you have imported the new Server Encryption Key (through an import exchange file) and set it as the current key, you can re-encrypt all objects with this current key through the Manage Server Key feature.
With this solution you can have the same Server Encryption Key on all your Identity Manager instances.
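
The mechanism described above (key-ID prefix, failed import on an instance that lacks the key, then import, switch of the current key and re-encryption) can be sketched in plain Java with the JCE. This is an added example, not the custom class from this post and not Identity Manager's API or storage format: the `Instance` class, the `<keyId>:<iv>:<ciphertext>` layout, the key IDs and the sample values are all assumptions made for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;
// Illustration only: hypothetical classes and format, not Identity Manager code.
public class KeyIdPrefixDemo {
    // One server instance: key ID -> 3DES key, plus the ID of the current key.
    static class Instance {
        final Map<String, SecretKey> keys = new HashMap<>();
        String currentId;
        String encrypt(String plain) throws Exception {
            Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding");
            byte[] iv = new byte[8];
            new SecureRandom().nextBytes(iv);
            c.init(Cipher.ENCRYPT_MODE, keys.get(currentId), new IvParameterSpec(iv));
            byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
            Base64.Encoder b64 = Base64.getEncoder();
            // Constructed layout: <keyId>:<iv>:<ciphertext>
            return currentId + ":" + b64.encodeToString(iv) + ":" + b64.encodeToString(ct);
        }
        String decrypt(String stored) throws Exception {
            String[] p = stored.split(":", 3);
            SecretKey k = keys.get(p[0]); // the prefix selects the key
            if (k == null) throw new IllegalStateException("no key with ID " + p[0]);
            Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding");
            c.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(Base64.getDecoder().decode(p[1])));
            return new String(c.doFinal(Base64.getDecoder().decode(p[2])), StandardCharsets.UTF_8);
        }
        // Decrypt with whichever key the prefix names, encrypt with the current key.
        String reencrypt(String stored) throws Exception { return encrypt(decrypt(stored)); }
    }
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("DESede");
        kg.init(168);
        Instance dev = new Instance(), test = new Instance();
        dev.keys.put("dev-1", kg.generateKey());   dev.currentId = "dev-1";
        test.keys.put("test-1", kg.generateKey()); test.currentId = "test-1";
        String devObj = dev.encrypt("resource-password"); // constructed sample values
        String testObj = test.encrypt("other-password");
        try { test.decrypt(devObj); }                     // test has no key "dev-1" yet
        catch (IllegalStateException e) { System.out.println("import fails: " + e.getMessage()); }
        test.keys.put("dev-1", dev.keys.get("dev-1"));    // import the dev key
        System.out.println("after key import: " + test.decrypt(devObj));
        test.currentId = "dev-1";                         // set the imported key as current
        System.out.println("re-encrypted under: " + test.reencrypt(testObj).split(":")[0]);
    }
}
```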

